diff options
author | Peter Maydell <peter.maydell@linaro.org> | 2023-06-23 16:41:35 +0100 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2023-07-04 14:27:08 +0100 |
commit | 86a78272f094857b4eda79d721c116e93942aa9a (patch) | |
tree | cdcb6a840bc5ee198c41541e3bad35ca82168047 | |
parent | 7812aaa191eb2f2e3dc13507a4708e0c85017495 (diff) |
target/xtensa: Assert that interrupt level is within boundspull-target-arm-20230704
In handle_interrupt() we use level as an index into the interrupt_vector[]
array. This is safe because we have checked it against env->config->nlevel,
but Coverity can't see that (and it is only true because each CPU config
sets its XCHAL_NUM_INTLEVELS to something less than MAX_NLEVELS), so it
complains about a possible array overrun (CID 1507131)
Add an assert() which will make Coverity happy and catch the unlikely
case of a mis-set XCHAL_NUM_INTLEVELS in future.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>
Message-id: 20230623154135.1930261-1-peter.maydell@linaro.org
-rw-r--r-- | target/xtensa/exc_helper.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/target/xtensa/exc_helper.c b/target/xtensa/exc_helper.c index d4823a65cd..43f6a862de 100644 --- a/target/xtensa/exc_helper.c +++ b/target/xtensa/exc_helper.c @@ -169,6 +169,9 @@ static void handle_interrupt(CPUXtensaState *env) CPUState *cs = env_cpu(env); if (level > 1) { + /* env->config->nlevel check should have ensured this */ + assert(level < sizeof(env->config->interrupt_vector)); + env->sregs[EPC1 + level - 1] = env->pc; env->sregs[EPS2 + level - 2] = env->sregs[PS]; env->sregs[PS] = |